官方例子
import os

from flask import Flask, render_template
from flask_sqlalchemy import SQLAlchemy
from flask_security import Security, SQLAlchemyUserDatastore, \
    UserMixin, RoleMixin, login_required
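# Create app
app = Flask(__name__)
# Debug mode turns on the interactive debugger, which must never be reachable
# in a deployed app, so it is opt-in: set FLASK_DEBUG=1 to enable it locally.
app.config['DEBUG'] = os.environ.get('FLASK_DEBUG') == '1'
# SECRET_KEY signs the session cookie; anyone who knows it can forge sessions,
# so it must not be a literal in source control. Read it from the environment
# and fall back to a random per-process key. With the fallback, sessions end
# at restart and are not shared between worker processes, which matches the
# throw-away in-memory database configured below.
app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY') or os.urandom(32).hex()
# 'sqlite://' with no path is an in-memory database: data is lost on exit.
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite://'

# Create database connection object
db = SQLAlchemy(app)

# Define models
# Association table for the many-to-many link between users and roles.
roles_users = db.Table(
    'roles_users',
    db.Column('user_id', db.Integer(), db.ForeignKey('user.id')),
    db.Column('role_id', db.Integer(), db.ForeignKey('role.id')),
)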
class Role(db.Model, RoleMixin):
    """Role that can be granted to users through the ``roles_users`` table."""

    # Surrogate primary key.
    id = db.Column(db.Integer(), primary_key=True)
    # Role name; the unique constraint prevents two roles with the same name.
    name = db.Column(db.String(80), unique=True)
    # Free-text description of what the role is for.
    description = db.Column(db.String(255))
class User(db.Model, UserMixin):
    """Account record handed to Flask-Security through the user datastore."""

    id = db.Column(db.Integer, primary_key=True)
    # Login identifier; unique so one address maps to one account.
    email = db.Column(db.String(255), unique=True)
    # NOTE(review): this column holds whatever string the datastore is given.
    # Confirm that the installed Flask-Security version hashes passwords
    # before they are written here.
    password = db.Column(db.String(255))
    active = db.Column(db.Boolean())
    confirmed_at = db.Column(db.DateTime())
    # Many-to-many link to Role through roles_users; the reverse side,
    # Role.users, is declared as a dynamic (query-returning) backref.
    roles = db.relationship(
        'Role',
        secondary=roles_users,
        backref=db.backref('users', lazy='dynamic'),
    )
# Setup Flask-Security
# The datastore wraps the SQLAlchemy handle and the two model classes; it is
# the object used further down to create users.
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
# Attach Flask-Security to the application, backed by that datastore.
security = Security(app, user_datastore)
# Create a user to test with
@app.before_first_request
def create_user():
    """Create the tables and seed one test account before the first request."""
    # Build every table declared on the models.
    db.create_all()
    # NOTE(review): fixed, guessable credentials are for local experiments
    # only. Whether the password is hashed before storage depends on the
    # installed Flask-Security version - confirm, and hash it explicitly with
    # the library's helper if it is not.
    seed_account = {'email': 'matt@nobien.net', 'password': 'password'}
    user_datastore.create_user(**seed_account)
    # Commit the session so the seeded account is saved.
    db.session.commit()
# Views
# login_required sits below app.route so that the function registered for '/'
# is the protected wrapper, not the bare view.
@app.route('/')
@login_required
def home():
    """Render the index page for a signed-in user."""
    page = render_template('index.html')
    return page
if __name__ == "__main__":
    # Start the built-in server only when the file is executed as a script.
    app.run()
扩展要求数据库必须要有User和Role这两张表以及包含相应的字段,Flask-Security才能够帮助我们生成权限管理的解决方案。举个简单的例子,通过使用Flask-Security, 我们可以用下面的方式创建用户:
from urls import db, User, Role
from flask_security import SQLAlchemyUserDatastore, Security
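# Setup Flask-Security
# NOTE(review): `app` is used below but is not among the names imported in
# this snippet; presumably it is defined next to `db` - confirm.
user_datastore = SQLAlchemyUserDatastore(db, User, Role)
security = Security(app, user_datastore)
db.create_all()

# Create the administrator account.
# NOTE(review): 'admin' is a guessable password and, depending on the
# installed Flask-Security version, create_user may store the value exactly
# as given. Use a strong secret and hash it with the library's helper before
# this reaches a real deployment - confirm against the version in use.
admin = user_datastore.create_user(email='admin@4paradigm.com', password='admin')

# Create the ordinary-user role and the Admin role.
user_role = user_datastore.create_role(name='User', description='Generic user role')
admin_role = user_datastore.create_role(name='Admin', description='Admin user role')

# Grant the Admin role (admin_role) to the admin account.
user_datastore.add_role_to_user(admin, admin_role)
# Commit the session so the new user, roles and role assignment are saved.
# (In the original listing this call was fused onto the previous line.)
db.session.commit()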
进行视图的访问权限限制
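class MyModelView(sqla.ModelView):
    """Model view that only signed-in users holding the 'Admin' role may open."""

    def is_accessible(self):
        """Return True only for an authenticated user who has the 'Admin' role.

        Being logged in is not enough for an administration view: accounts
        that only hold the ordinary 'User' role would otherwise get the same
        access as administrators.
        """
        # is_authenticated is tested first so has_role is never called on an
        # anonymous visitor. Assumes current_user is the Flask-Security User
        # model, whose UserMixin provides has_role - confirm.
        return bool(current_user.is_authenticated and current_user.has_role('Admin'))

    def inaccessible_callback(self, name, **kwargs):
        """Redirect a rejected visitor to the admin index.

        The URL that was requested is passed along as the ``next`` query
        parameter.
        """
        # NOTE(review): whatever consumes `next` must only follow same-site
        # URLs, otherwise it becomes an open redirect - confirm in the handler.
        return redirect(url_for('admin.index', next=request.url))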
添加文件功能
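class _ProtectedFileAdmin(FileAdmin):
    """File manager restricted to signed-in users who hold the 'Admin' role."""

    def is_accessible(self):
        # Evaluated for requests to the file manager itself. The decorator on
        # get_static() guards only the route that registers the view; without
        # this check the registered file manager would have no access rule of
        # its own. Assumes current_user is the Flask-Security User - confirm.
        return bool(current_user.is_authenticated and current_user.has_role('Admin'))


# Set once the file manager has been added, so that a second request to the
# route below does not try to register the same view again.
_file_admin_registered = False


@app.route('/admin/get_fileadmin')
@login_required  # require a signed-in user; anonymous visitors cannot reach this view
def get_static():
    """Register the static-file manager on first use, then redirect to /admin."""
    global _file_admin_registered
    if not _file_admin_registered:
        static_dir = op.join(op.dirname(__file__), 'static')
        # endpoint='fileadmin' keeps the endpoint a plain FileAdmin would get
        # from its class name, so the view's URL does not change.
        admin.add_view(_ProtectedFileAdmin(static_dir, '/static/',
                                           name='Static Files',
                                           endpoint='fileadmin'))
        _file_admin_registered = True
    # NOTE(review): adding a view while a request is being handled may be
    # rejected by Flask once the app has served its first request; registering
    # the view at start-up is the usual approach - confirm.
    return redirect('/admin')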
前端
{% extends 'admin/master.html' %}
{% block body %}
{# Body of the admin landing page: a welcome line plus login and logout links. #}
{# NOTE(review): /login and /logout are hard-coded paths, presumably the Flask-Security endpoints - confirm they match the configured URLs. #}
<div class="container" align="right">
<h5 align="center">Welcome to 后台管理!</h5>
<br>
<p align="center">管理员<a href="/login">登录</a></p >
<p align="center">管理员<a href="/logout">登出</a></p >
<br>
</div>
{% endblock %}
内容有点多,有点乱,自己看着写吧